SEARCH CLINIC

Search engine online marketers
Subscribe Twitter Facebook Linkedin

Apple in iPhone location tracking data snooping storm

April 26, 2011 By: Dr Search Principal Consultant at the Search Clinic Category: Apple, Cyber Security, data security, Mobile Marketing, mobile phones, smart phones, Uncategorized

Apple is under pressure to explain why the iPhone tracks and stores users’ movements without users’ consent and agreement.
Apple in iPhone location tracking data snooping stormThe UK’s Information Commissioner has said that anyone who is concerned about the log of their whereabouts can make a complaint to his officials, who enforce the Data Protection Act.

Over the pond US Congressmen have been calling for Apple to explain itself over the way the iPhone logs users’ coordinates based on the mobile network masts to which they are connected.

The Federal Communications Commission meanwhile reportedly said it would look into the matter.

The location tracking file is stored on both the phone and the computer it is associated with, and is not protected by a password or encryption. The security firm F-Secure also claimed the iPhone reports location data back to Apple twice a day.

In a letter to Steve Jobs, the Democratic Senator Al Franken, who leads a Senate privacy panel, said: “Anyone who gains access to this single file could likely determine the location of the user’s home, the businesses he frequents, the doctors he visits, the schools his children attend, and the trips he has taken over the past months or even a year.”

Senator Franken asked the Apple CEO to explain why the data is captured, what it is used for and why it did not seek “affirmative consent” from users.

The controversy was sparked on Thursday when two British security researchers, Alisdair Allan and Pete Warden, published their findings about the hidden file, which is enigmatically named “consolidated.db”. They released a downloadable application that plots users’ movements on web-based mapping software to illustrate the privacy implications.

In its statement the Information Commissioner’s Office said: “All businesses that are collecting people’s data should have clear and accessible privacy notices. This is especially important where users are unlikely to appreciate the privacy implications of a service they are using.

“Apple has a legal obligation to make clear how people’s information might be used when customers sign up. Equally, customers should make sure they carefully read through terms and conditions.”

“Anyone who has a data protection concern can bring their complaint to us and we will look into it.”

Apple’s privacy policy states that location data “is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services”.

But Professor Ross Anderson, a privacy and security expert at the University of Cambridge, argued the location log could not be considered anonymous data.

“If your location history were to be kept anonymous, it would have to be broken up into separate segments of a few hours or perhaps even less,” Prof. Anderson said.

“As it is, if our location histories were to be published without our names on, then anyone who knows where you were at a few definite times in the past can identify your location history from among all the millions of other people’s, and then work out where you were at (say) evenings and weekends.”

Apple has not yet publicly responded to the controversy.

1 Trackbacks/Pingbacks

  1. SEARCH CLINIC – Apple finally admits snooping and releases tracking fix 08 05 11